CVE-2015-6551

Published May 7, 2016

Last updated 8 years ago

CVSS medium 5.9

Overview

Description: Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU server, which allows remote attackers to obtain sensitive information by sniffing the network for key-exchange packets.
Source: secure@symantec.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D99C75EB-3507-4704-A565-AB2CF5369A74"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC406C50-6C2B-4160-890F-29DC444DC886"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "778FBECC-2C4C-45D5-A1E8-6678C541AA02"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46E3145F-197D-4860-AF50-8970CC803BFA"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A17E4E50-9D65-460F-8BE1-27A174A6254A"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5A861A3-FF48-47AD-BDE0-323E12CB7819"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EC7B2BA-DC01-4611-921B-C8C94651F142"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7002266-E3B0-4A96-BE09-741A30E74B40"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04D8275D-EE04-4BF7-9482-AE75A2E21F0A"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C24158D-E922-4B07-8F67-58DD714346E5"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "658F2C00-3B49-4011-9F83-62ED504F7476"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE16FC2F-C5E8-43E5-A644-F4D5FF06B464"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A48563EA-D19E-4B62-8AE9-BE15D5EB8932"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E294AFF-E630-4A50-B3DE-E16AF3E595E3"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9465004-79E0-46B0-B66A-48F3665ADA8E"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE8A0C61-6B44-4344-AFC9-834B5B653B58"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA84E2A3-6A57-4753-A6A6-61F6C4D817E3"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.6.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F92467E-E91F-464F-B8C0-8724E4DB83CB"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup_appliance:2.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F9CE3B-72E9-4A37-8E42-5495AB4E8C33"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACD568CB-7839-4DD4-AA6C-E3F14D54477B"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4356423A-17CF-4013-977B-F151BB5CC206"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6B50CD5-C171-4E78-A22F-9B9ADFF505CC"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF9E0A06-0022-43B1-9DFD-025D4FB13055"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B3F9EB4-412C-4CC0-95FC-8C56F1AAD880"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F34BBD63-741B-4AAE-BFFE-7BAACFF1BCA3"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40301990-E272-40C0-90B7-FCDA3B4B5CD3"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAED7E07-8FFC-48AD-9D50-0D65ACEE1529"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9163537F-6657-4758-A980-6CCC8283F51B"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAD0859E-A3D1-416B-B841-EB052CAF6CEA"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54A5CAC2-5DD8-4FAE-B661-32A0017A557A"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.5.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D741998D-20C0-4627-BF23-023D6C341746"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01F5DFE7-64AF-4228-A30A-340B7BAA86EE"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D479700-9A02-466B-A2CD-107F6EAF4AC5"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.6.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E185B358-0805-4241-9960-23216974BEFD"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.6.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B672A9C-7549-4120-A966-D24090575506"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.6.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E464653E-CFE4-4F9E-A021-DB16D9CE6046"
          },
          {
            "criteria": "cpe:2.3:a:veritas:netbackup:7.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C760A6C-ADA4-4D5D-8C63-54B1B93B1DEF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References